Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / owncloud

owncloud

168 tracked vulnerabilities.

CVE-2020-10254 MEDIUM

owncloud < 10.4.0 - Unauthenticated Authentication Bypass via Image Preview

CVE-2020-10252 HIGH

owncloud < 10.4.0 - Authenticated Server-Side Request Forgery via Files Sharing External Remote Parameter

CVE-2020-28645 CRITICAL

owncloud < 10.6.0 - Unauthenticated Arbitrary File Deletion via User Deletion

CVE-2020-28644 MEDIUM

owncloud < 10.6.0 - Cross-Site Request Forgery in OCS API Endpoints

CVE-2020-16144 MEDIUM

ownCloud files_antivirus < 0.15.2 - Virus File Deletion Failure via Public Link Upload

CVE-2020-16255 MEDIUM

owncloud < 10.5 - Cross-Site Scripting in Login Page Forgot Password Functionality

CVE-2019-25337 CRITICAL

OwnCloud 8.1.8 - Username Enumeration via Share Endpoint Wildcard Search

CVE-2017-9340 MEDIUM

ownCloud Server <10.0.2 - Privilege Escalation

CVE-2017-9339 MEDIUM

ownCloud Server <10.0.2 - Info Disclosure

CVE-2017-9338 MEDIUM

ownCloud Server <8.2.12, <9.0.10, <9.1.6, <10.0.2 - XSS

CVE-2017-8896 MEDIUM

ownCloud Server <8.2.12, <9.0.10, <9.1.6, <10.0.2 - XSS

CVE-2017-5867 MEDIUM

ownCloud < 8.1.11, 8.2.x < 8.2.9, 9.0.x < 9.0.7, 9.1.x < 9.1.3 - Authenticated Denial of Service via One-Bit BMP File

CVE-2017-5866 MEDIUM

Owncloud < 8.1.10 - Information Disclosure

CVE-2017-5865 LOW

ownCloud < 8.1.11, 8.2.x < 8.2.9, 9.0.x < 9.0.7, 9.1.x < 9.1.3 - User Enumeration via Password Reset Error Messages

CVE-2016-9468 MEDIUM

Nextcloud Server <9.0.54, 10.0.1 & ownCloud Server <9.0.6, 9.1.2 - Content Spoofing via DAV

CVE-2016-9467 MEDIUM

Nextcloud Server < 9.0.54 and 10.0.1 & ownCloud Server < 9.0.6 and 9.1.2 - Content Spoofing in Files App Location Bar

CVE-2016-9466 MEDIUM

Nextcloud Server < 10.0.1 and ownCloud Server < 9.0.6 and 9.1.2 - Reflected Cross-Site Scripting in Gallery Application

CVE-2016-9465 MEDIUM

Nextcloud Server < 10.0.1 & ownCloud Server < 9.0.6 and 9.1.2 - Stored Cross-Site Scripting in CardDAV Image Export

CVE-2016-9463 HIGH

Nextcloud Server <9.0.54/10.0.1 & ownCloud Server <9.1.2/9.0.6/8.2.9 - SMB Auth Bypass

CVE-2016-9462 MEDIUM

Nextcloud Server < 9.0.52 & ownCloud Server < 9.0.4 - Unauthenticated File Restore Privilege Bypass

CVE-2016-9461 MEDIUM

Nextcloud Server < 9.0.52 & ownCloud Server < 9.0.4 - Authenticated Arbitrary File Write via WebDAV COPY

CVE-2016-9460 MEDIUM

Nextcloud Server < 9.0.52 and ownCloud Server < 9.0.4 - Content Spoofing in Files App Location Bar

CVE-2016-9459 MEDIUM

Nextcloud Server < 9.0.52 and ownCloud Server < 9.0.4 - Stored Cross-Site Scripting via Download Log

CVE-2016-7102 HIGH

owncloud_desktop_client < 2.2.2 - Local Code Execution via Trojan Library in Special Path

CVE-2016-5876 MEDIUM

ownCloud <8.2.6 & <9.0.3 - Info Disclosure

Previous Page 2 of 7 Next

Products

owncloud 116 owncloud_server 108 owncloud_client 7 owncloud_desktop_client 5 files_antivirus 3 OwnCloud 1 file_firewall 1 graph_api 1 guests 1 oauth2 1 smb 1 user_ldap 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy